[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Subject: IP: Re: Microsoft's pgp keys don't verify
>X-Sender: rjs#goodread.com@mail.samnet.net >Date: Thu, 26 Jul 2001 19:26:32 -0400 >To: farber@cis.upenn.edu >From: Richard Jay Solomon <rjs@goodread.com> >Subject: Re: IP: Microsoft's pgp keys don't verify >Cc: ip-sub-1@majordomo.pobox.com >X-Note: This E-mail was scanned by Declude JunkMail (www.declude.com) for >spam. > >>> >>>For at least four months, Microsoft has been sending out security >>>bulletins which fail a popular e-mail authentication system. As a >>>result, the company could be opening the door to counterfeit bulletins >>>from malicious hackers. >>>To protect against forgery, Microsoft's security response center >>>digitally signs its bulletins with PGP before e-mailing them to >>>subscribers of its security notification service. But since at least >>>March, if recipients attempt to > >Maybe they are forged. Reminds me of the story of the first bankcard ATM >in Atlanta. At the dedication, the first person to put his card in was >rejected. The machine indicated the card was invalid. The embarrassed bank >officials gave him his money from the till. Then after he had vanished >into the crowd, the security people checked their printed database, and >indeed, the card was hot! > >Story told me by Ken Phillips who swore it was true. > >Richard For archives see: http://www.interesting-people.org/
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Powered by eList eXpress LLC